CVE-2022-3521

CWE-362Race ConditionCWE-476NULL Pointer Dereference31 documents9 sources
Severity
2.5LOW
EPSS
0.0%
top 94.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux Linux KernelLinux KernelDebian Debian Linux
Timeline
PublishedOct 16
Latest updateApr 11

Description

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.2 | Impact: 1.4

Affected Packages3 packages

NVDlinux/linux_kernel< 5.19+1
CVEListV5linux/kerneln/a
Debianlinux< 5.10.158-1+3

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

4
OSV
linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities2023-03-06
CVEList
Linux Kernel kcm kcmsock.c kcm_tx_work race condition2022-10-16
OSV
CVE-2022-3521: A vulnerability has been found in Linux Kernel and classified as problematic2022-10-16
GHSA
GHSA-76r5-xvfg-3gj2: A vulnerability has been found in Linux Kernel and classified as problematic2022-10-16

📋Vendor Advisories

26
Ubuntu
Linux kernel (GCP) vulnerabilities2023-04-11
Ubuntu
Linux kernel (BlueField) vulnerabilities2023-04-05
Ubuntu
Linux kernel vulnerabilities2023-03-27
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2023-03-16
Ubuntu
Linux kernel (KVM) vulnerabilities2023-03-14
CVE-2022-3521 (LOW CVSS 2.5) | A vulnerability has been found in L | cvebase.io